How does malware propagate? According to Microsoft’s report (gathered from Microsoft’s Security Removal Tool) almost 45% requires user interaction, e.g. executing a file. Another 43% uses AutoRun capabilities via USB or a network to infect a system. The remaining 12% list file infections, exploits where updates are available and password brute force attacks.

It is interesting to note that disabling autorun would eliminate nearly 50% of all malware threats. Exploits, which get lots of coverage on the Internet attribute to only 6% of detections.

A look at the different types of exploits reveal that exploits targeting Java were responsible for up to one-half of all exploits in a given quarter. Operating system exploits have passed HTML and Script exploits in the second quarter which can be solely attributed to a vulnerability i Windows Shell which was for instance exploited by the Stuxnet family.

When it comes to document exploits it is Adobe Reader and Acrobat who have accounted for most of the exploits in the first half of 2011.

Operating system infection rates paint an interesting picture. Nearly ten times as many Windows XP SP3 systems get infected as Windows 7 SP1 64-bit systems. Windows 7 Service Pack 1 32-bit systems have a ratio of 1:6 compared to Windows XP’s infection rate.

Even Windows Vista with its latest service pack installed reports only half of the infection rate that Windows XP reports.

A look at the different threat families and categories sees Adware at the top followed by misc potentially unwated software, misc trojans and a second smaller group lead by Worms, Trojan downloaders, virus, password stealers and backdoors.

Email spam decreased dramatically in the past twelve months according to the Microsoft report. From 89 billion messages in July 2010 to 25 billion in June 2010. Microsoft attributes this to the takedown of two major botnets in August 2010 and March 2011.

Global Infection Rates by country

• United States:
• Brazil: Most trojan downloaders and droppers, most exploits, most password stealers and monitoring tools.
• France: Most Adware
• United Kingdom
• China: Most backdoors and spyware
• Germany
• Russia: Most misc potentially unwanted software
• Italy
• Canada
• Turkey: Most misc trojans, Worms and Viruses

Interested users can download the latest report and previous reports from Microsoft’s Security Intelligence Report website.

IClean is a portable application that can be run from anywhere including a portable drive or device. The computer program will then display information about the computer system in six tabs that are accessible on top of the interface.

• Processes: Displays all running processes with the option to check processes and kill them or kill and delete them.
• Services: A list of all running services with the option to delete multiple services at once.
• Registry: Several security sensitive Registry settings are displayed here including programs that bypass firewall rules, toolbars and browser helper objects with the option to repair, backup and restore settings.
• Startup Folders: Displays a list of startup items that are loaded during system start with the option to enable, disable or clear them.
• Hosts: The Windows hosts file that is used by malware to redirect Internet traffic.
• Advanced: Option to terminate a known process ID.

Several of these options could come in handy after a sucessful malware removal on the computer system. IClean is available at the developer’s website and compatible with all Windows operating systems from Windows 98 to Windows Vista (and probably Windows 7 as well).